chain-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow patterns explicitly instruct agents to fetch and interpret external service/page outputs (e.g., SKILL.md Pattern 5 and references/cron-monitoring.md use CronCreate to run "gh pr checks" and API calls, references/schedule-wakeup.md shows curl health checks, and MCP fallbacks mention WebFetch of public docs), so untrusted third-party content is read and can change agent actions.